Privacy Policy and commitment to Data Protection and EU-US Privacy Shield principles

 

At SpiraLinks, we take the requirements of Data Privacy very seriously. This Privacy Policy is published to inform visitors to the spl.com, spiralinks.com, focalreview.net and focalreview.com websites of what data may be gathered on these websites, how it may be used and with whom it may be shared. If you have any questions regarding this Privacy Policy, please contact privacy@spiralinks.com.

The privacy policies described here apply to all visitors to www.spl.com, www.spiralinks.com, www.focalreview.net and www.focalreview.com (collectively referred to throughout this document, with their parent company SpiraLinks, as “SPL”).

In furtherance of our commitment to consistent management of secure personal data, SpiraLinks is compliant with the Data Protection laws in Europe. SpiraLinks complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from European Union member countries to the United States in reliance on Privacy Shield. SpiraLinks has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. Pursuant to the Privacy Shield, SpiraLinks remains liable for the transfer of EU personal data to third parties acting as our agents unless we can prove we were not a party to the events giving rise to the damages. To learn more about the Privacy Shield program, and to view our certification page, please visit privacyshield.gov/welcome

SpiraLinks is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
 

1. Information Collected on our Websites

 

SPL collects and retains contact information for you as a visitor only if you voluntarily supply us with this information, which may include your e-mail address, street address, telephone number or other information to access protected information on our website or so we can follow up with you after your visit. If you have voluntarily provided this information, you consented to the collection and use of such personally identifiable information as described in this Privacy Policy.

SPL does not share, sell, rent, or trade personally identifiable information collected through these websites with third parties for any use other than that for which it was originally provided. If this practice should change in the future, we will update this policy to reflect that practice, provide individuals with the identity of those parties and the purpose for which they will be using the data as well as opt-out or opt-in (as applicable) choice prior to the release of said data.

SPL may disclose information in special cases when we have a good faith belief that such action is necessary to: (a) conform to legal requirements or comply with legal processes; (b) protect and defend our rights or property; (c) enforce the Website Conditions of Use; or (d) act to protect the interests of our users or others. Note that pursuant to the Privacy Shield, we are obliged to notify you that we may be required to release EU personal data in response to lawful requests by public authorities including to meet national security and law enforcement requirements.

Please note that the information you provide to SPL may be processed or held on computer systems and files of SPL companies throughout the world, including the United States. This may include companies, offices or data centers outside the European Economic Area. All SPL companies maintain the same levels of data protection, confidentiality and security. In certain cases, your information may be passed to companies who process data on behalf of SPL. In such cases we ensure that appropriate confidentiality arrangements are in place.
 

2. Information Management

 

Servers hosting our websites automatically record certain information about you when you use the sites, including details of your domain name, IP address, operating system and browser. SPL may use this information to understand website usage and traffic.

SPL may use cookies or other similar text files or programs when you visit certain parts of the SPL websites. A cookie is a small file that is sent to your browser and helps SPL to understand your use of the SPL websites and enables you to access, navigate and use the services provided on the SPL websites. For information about blocking the use of cookies, please refer to the instructions/help screen on your Internet browser. Please note that if you block cookies you may not be able to access certain online services provided on the SPL websites.

This website contains links to other sites that are not owned or controlled by SPL. Please be aware that SPL is not responsible for the privacy practices of such other sites. The present Privacy Policy applies only to information collected by this website.
 

3. Security and Confidentiality

 

SPL employs industry standard security measures to ensure the security of all data. We subscribe to the principles and practices of EU-US Privacy Shield requirements with respect to the acquisition, retention, use and management of all data originating in, used in or destined for the European Union.

We will take all reasonable steps to protect the confidentiality and security of your personal information. However, you accept the security risks inherent in providing information online over the Internet and will not hold SPL responsible for any breach of security unless this is due to our negligence.

You are also responsible for maintaining the security of any password, user ID, and any authentication needed to access any SPL website. SPL may suspend your use of a site, without notice, if any breach of security is detected or suspected. Access to and use of password protected and/or secure areas of any SPL website is restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.
 

4. Opt-Out or to Update Your Information

 

SpiraLinks acknowledges the individual’s right to access their personal data pursuant to the Privacy Shield Framework. Individuals can review their data by sending a request to privacy@spiralinks.com

SpiraLinks will provide an individual with an opt-out or opt-in choice before we share their data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized.

If at any time after registering for information you change your mind, send us a request specifying your new choice. Please send your request to privacy@spiralinks.com or to:

SpiraLinks Corporation
Attention: Privacy Complaints
900 East Hamilton Avenue, Suite 100
Campbell, California 95008 USA

We will respond to your correction or update request within a reasonable timeframe.
 

5. Recourse Regarding EU Data Transferred Into the US

 

In compliance with the EU-US Privacy Shield Principles, SpiraLinks commits to resolve complaints about your privacy and our collection or use of your personal
information. European Union individuals with inquiries or complaints regarding this privacy policy should first contact SpiraLinks at:

SpiraLinks Corporation
Attention: Privacy Complaints
900 East Hamilton Avenue, Suite 100
Campbell, CA 95008 USA

+1.408.608.6912
e-mail: privacy@spiralinks.com

SpiraLinks has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. The services of BBB EU Privacy Shield are provided at no expense to you.

If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by SpiraLinks, and your inquiry or complaint involves human resource data collected in the context of the employment relationship, you may have your complaint considered by your state or national data protection (DPA) or labor authority in the jurisdiction where you work. Please go to ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm to locate your DPA. SpiraLinks agrees to cooperate with the relevant national DPAs and to comply with the decisions of the DPA Panel.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at privacyshield.gov/article?id=ANNEX-I-introduction.
 

6. Changes to this Privacy Policy

 

We reserve the right to modify this Privacy Policy at any time, consistent with the requirements of the EU-US Privacy Shield principles, so please review it frequently. If we make material changes to this policy, we will notify you here or by email.
 

7. Additional Information

 

Questions regarding this Policy, the practices of this website or the implementation of Data Protection or EU-US Privacy Shield principles should be sent to SpiraLinks by emailing privacy@spiralinks.com or by regular mail addressed to

SpiraLinks Corporation
Attention: Privacy Complaints
900 East Hamilton Avenue, Suite 100
Campbell, California 95008 USA

Effective: 4 February 2019

Comodo SSL